CVE-2023-25908: 
Adobe Photoshop vulnerability analysis and mitigation

Adobe Photoshop versions 23.5.3 (and earlier) and 24.1.1 (and earlier) are affected by a Use After Free vulnerability identified as CVE-2023-25908. The vulnerability was discovered and disclosed in March 2023, affecting both Windows and macOS operating systems (NVD, CVE).

The vulnerability is classified as a Use After Free (CWE-416) issue that could potentially lead to arbitrary code execution in the context of the current user. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD).

If successfully exploited, this vulnerability could result in arbitrary code execution in the context of the current user. The impact could potentially compromise the confidentiality, integrity, and availability of the affected system (NVD).

Adobe has released security updates to address this vulnerability. Users are advised to update to the latest version of Adobe Photoshop to mitigate this security risk (Adobe Advisory).

Adobe acknowledged Chen Qingyang (yjdfy) for reporting the vulnerability (Adobe Advisory).